JSON Web Token


JSON Web Token (JWT) is quite popular and is used for authentication. It's a token-based standard that allows us to securely transfer information between two parties without storing anything in a database. A JWT consists of three parts:

  • Header
  • Payload
  • Signature

Each one is Base64URL-encoded to form the token.

JWT authentication follows a simple 4-step process:

  1. Client (Browser): sends a POST request with credentials to the auth server to authenticate itself.

  2. Auth Server: authenticates the user's credentials and generates a JWT. The server does not store anything and sends the token to the browser to save. It allows users to authenticate without their credentials in the future. It's best advised to store the token in an HTTP-only cookie.

  3. Thereafter: for every request, the client sends the JWT in the Authorization header. Validation happens using token introspection with the auth server.

  4. Once validated, the resource server sends the necessary data to the client.

This covers a basic understanding of how JWT works. There's much more to it.

  • Reading it from jwt.io would provide better insights.

Happy watching and learning!

Author: Abdul Haseeb Khan

Software Development Consultant | Angular | MEAN Stack | Advisory IT Operations | Tech Consultant | Tech Trainer | Social Media Activist